隨著Office 365 在中國的迅速普及,越來越多的公司開始使用Office 365及相關(guān)服務(wù)。能夠熟練使用并管理Office 365 就成為廣大公司IT管理員的一個必備技能���。
10年積累的成都網(wǎng)站設(shè)計���、網(wǎng)站制作、外貿(mào)營銷網(wǎng)站建設(shè)經(jīng)驗���,可以快速應(yīng)對客戶對網(wǎng)站的新想法和需求��。提供各種問題對應(yīng)的解決方案����。讓選擇我們的客戶得到更好���、更有力的網(wǎng)絡(luò)服務(wù)��。我雖然不認(rèn)識你�,你也不認(rèn)識我。但先網(wǎng)站設(shè)計后付款的網(wǎng)站建設(shè)流程�����,更有廣元免費(fèi)網(wǎng)站建設(shè)讓你可以放心的選擇與我們合作����。
今天我們就來介紹一種較為安全便捷的方式的連接Office 365 Online,即在PowerShell界面���,通過加密用戶名和密碼的方式連接Office 365 Online�����。那我們使用PowerShell對Office 365 Online進(jìn)行遠(yuǎn)程管理�����,有如下優(yōu)點:
- Office 365 擁有僅可使用 Office 365 PowerShell 配置的功能
- Office 365 PowerShell 善于執(zhí)行批量操作
- Office 365 PowerShell 善于篩選數(shù)據(jù)
- Office 365 PowerShell 方便打印或保存數(shù)據(jù)
- Office 365 PowerShell 支持跨服務(wù)器產(chǎn)品管理
- Office 365 PowerShell 會顯示無法通過 Microsoft 365 管理中心看到的其他信息
在連接過程中�,如果用戶名和密碼以明文形式輸入,就會帶來安全風(fēng)險���。如果采用以下PowerShell腳本就可以避免這個缺點:預(yù)先定義兩個函數(shù),分別用于加密和解密字符串;然后檢查本地是否存在已經(jīng)加密的用戶名和密碼文件���,如果沒有��,提示用戶輸入用戶名和密碼�����,并將其以密文形式存到本地;最后���,讀取本地加密的用戶名和密碼,并將其解密�,用于遠(yuǎn)程連接Office 365 Online。
腳本代碼分為以下三個部分介紹給大家��。
第一部分�,定義加密和解密的函數(shù)。
- # This function is to encrypt a string.
- function Encrypt-String($String, $Passphrase, $salt="SaltCrypto", $init="IV_Password", [switch]$arrayOutput)
- {
- $r = new-Object System.Security.Cryptography.RijndaelManaged
- $pass = [Text.Encoding]::UTF8.GetBytes($Passphrase)
- $salt = [Text.Encoding]::UTF8.GetBytes($salt)
- $r.Key = (new-Object `
- Security.Cryptography.PasswordDeriveBytes $pass, $salt, "SHA1", 5).GetBytes(32)
- $r.IV = (new-Object `
- Security.Cryptography.SHA1Managed).ComputeHash `
- [Text.Encoding]::UTF8.GetBytes($init) )[0..15]
- $c = $r.CreateEncryptor()
- $ms = new-Object IO.MemoryStream
- $cs = new-Object Security.Cryptography.CryptoStream $ms,$c,"Write"
- $sw = new-Object IO.StreamWriter $cs
- $sw.Write($String)
- $sw.Close()
- $cs.Close()
- $ms.Close()
- $r.Clear()
- [byte[]]$result = $ms.ToArray()
- return [Convert]::ToBase64String($result)
- }
-
- # This function is to de-encrypt a string.
- function Decrypt-String($Encrypted, $Passphrase, $salt="SaltCrypto", $init="IV_Password")
- {
- if($Encrypted -is [string]){
- $Encrypted = [Convert]::FromBase64String($Encrypted)
- }
- $r = new-Object System.Security.Cryptography.RijndaelManaged
- $pass = [Text.Encoding]::UTF8.GetBytes($Passphrase)
- $salt = [Text.Encoding]::UTF8.GetBytes($salt)
- $r.Key = (new-Object Security.Cryptography.PasswordDeriveBytes `
- $pass, $salt, "SHA1", 5).GetBytes(32)
- $r.IV = (new-Object `
- Security.Cryptography.SHA1Managed).ComputeHash `
- ( [Text.Encoding]::UTF8.GetBytes($init) )[0..15]
- $d = $r.CreateDecryptor()
- $ms = new-Object IO.MemoryStream @(,$Encrypted)
- $cs = new-Object Security.Cryptography.CryptoStream $ms,$d,"Read"
- $sr = new-Object IO.StreamReader $cs
- Write-Output $sr.ReadToEnd()
- $sr.Close()
- $cs.Close()
- $ms.Close()
- $r.Clear()
- }
- Clear-Host
第二部分�,從本地的文本文件中讀取加密的Office 365用戶名和密碼。只第一次需要手工輸入用戶名和密碼����,然后將加密的用戶名和密碼以密文形式存儲到本地磁盤�。此后無需輸入�����。
- #Try to read the encrypted user name and password from the specific path, if there are, read and de-encrypt them. If there are not, prompt for input and encrypt them.
- $uencrypted = Get-Content -ErrorAction SilentlyContinue -Path 'C:\$Home\Desktop\Username.txt'
- $pencrypted = Get-Content -ErrorAction SilentlyContinue -Path 'C:\$Home\Desktop\password.txt'
- If ($null -ne $uencrypted -and $null -ne $pencrypted)
- {
- $udecrypted = Decrypt-String $uencrypted "U_MyStrongPassword"
- $pdecrypted = Decrypt-String $pencrypted "P_MyStrongPassword"
- $pdecrypted = ConvertTo-SecureString $pdecrypted -AsPlainText -Force
- }
- Else
- {
- $ustring = read-host "Please Enter Office 365 User name"
- $pstring = read-host "Please Enter Office 365 User Password"
- $uencrypted = Encrypt-String $ustring "U_MyStrongPassword"
- $uencrypted | Out-File "$HOME\Desktop\Username.txt"
- write-host "Store the encrypted Username successfully!"
- $pencrypted = Encrypt-String $pstring "P_MyStrongPassword"
- $pencrypted | Out-File "$HOME\Desktop\password.txt"
- write-host "Store the encrypted password successfully!"
- $udecrypted = Decrypt-String $uencrypted "U_MyStrongPassword"
- $pdecrypted = Decrypt-String $pencrypted "P_MyStrongPassword"
- $pdecrypted = ConvertTo-SecureString $pdecrypted -AsPlainText -Force
- }
第三部分�,連接Office 365 Online。 執(zhí)行以下命令后����,就可以在PowerShell下,遠(yuǎn)程管理Office 365 Exchange Online了���。
- #Connect to Office 365 online or Azure
- $LiveCred = New-Object System.Management.Automation.PSCredential $udecrypted, $pdecrypted
- $Session = New-PSSession -ConfigurationName Microsoft.Exchange `
- -ConnectionUri https://partner.outlook.cn/powershell -Credential $LiveCred `
- -Authentication Basic –AllowRedirection -ErrorAction Stop `
- -Name "$($Credential.UserName)"
- Import-PSSession $Session
- Connect-MsolService –Credential $LiveCred -AzureEnvironment AzureChinaCloud
注意:執(zhí)行最后一個命令�����,需要預(yù)先安裝Microsoft Online Services Sign-In Assistant����。安裝方法可自行百度����,本篇不做介紹�����。
名稱欄目:如何安全連接Office365Online
轉(zhuǎn)載源于:
http://uogjgqi.cn/article/dpsjphg.html
